Personal data protection - GDPR

We use cookies to deliver the best user experience on our site, including to personalise content and ads, to provide social media features and to analyse site traffic. These cookies include targeted media cookies and advanced analytics cookies. The legal basis for processing your personal data is that this processing is necessary for the purposes of our legitimate interest, except for processing where we combine data about your online behaviour with personal data that you may have previously provided to us and for which you have given your consent. You can withdraw your consent and refuse the use of these cookies at any time.
Svou žádost o odvolání souhlasu směřujte na mail

Information notice - TASY s.r.o.

Mokrá 358
664 04 Mokrá - Horákov
IČ: 269 36 321
VAT: CZ26936321

Registered in OR KS Brno, section C, insert 46978

Hereinafter referred to as the Administrator

As the controller, it will process your personal data as described above.

Instructions on the processing of personal data

No. 01 of 24.5.2018

The Administrator in accordance with the applicable legal regulations, i.e. Act No. 101/2000 Coll. (on the protection of personal data) (on the processing of personal data) and with effect from 25. May 2018 also with the Regulation of the European Parliament and of the Council EU 2016/679 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (hereinafter referred to as the "Regulation" or "GDPR") hereby informs you that for the performance of a contract, for the implementation of pre-contractual measures at your request / fulfillment of a legal obligation, or for the purposes of a legitimate interest of the Administrator ("Legal basis of processing") will process your personal data ("PII") in the following scope: name, surname, email address, telephone number.

The Controller informs you that the Personal Data will be processed for the purpose(s) of: orders, sending newsletters based on the Legal Basis for Processing. The Controller does not process PII beyond the scope of the law unless you consent to it in writing. Personal data will be processed both automatically and manually, in compliance with all security principles for the management and processing of personal data.

The Controller informs you that other recipients of the Personal Data, in addition to the Controller, include processors with whom the Controller has a contract for the processing of personal data ("Processor") and provide sufficient guarantees for the protection of your personal data, recipients who are granted access for the purpose of fulfilling their legal obligations and recipients who are not Processors for the Controller but who are intermediaries or perform services or supply goods for the Controller and have a confidentiality agreement with the Controller.

The Controller informs you that it will not transfer your Personal Data to recipients or processors in third countries outside the European Economic Area (EEA) without your explicit consent if they have worse rules for handling personal data than the Czech Republic.

The Data Controller informs you that it will store the Personal Data for the period of time necessary to fulfill the given processing purpose/duration of the contract with the Data Controller. The Data Controller informs you that you have the right to request from the Data Controller access to, rectification or erasure of, restriction of processing of, or to object to processing of, the Personal Data and the right to portability of the Personal Data (i.e. to obtain the Personal Data from the Data Controller in a structured, commonly used and machine-readable format and to transmit it to another controller), that you may lodge a complaint with the Office for Personal Data Protection, that the provision of the Personal Data is not an obligation and that there is no automated decision-making or profiling. The Controller advises that you have the right to obtain confirmation from the Controller as to whether or not the PII is being processed. The rules are governed by the GDPR and related legislation.

The Data Controller informs you that you have the right to have the Personal Data erased (i) if the Personal Data is no longer necessary for the Purpose, (ii) if you withdraw your consent and there is no further legal basis for the processing, (iii) if you object to the processing of the Personal Data on the basis of the Data Controller's legitimate interest or object to automated individual decision-making or profiling, (iv) if the Personal Data has been unlawfully processed, (v) if the Personal Data must be erased to comply with a legal obligation, (vi) if the Personal Data has been collected in connection with the offering of information society services.

The Data Controller expressly points out that you have the right to object at any time to the processing of PI concerning you which has been obtained for the performance of a task carried out in the public interest or on the basis of a legitimate interest of the Data Controller, including profiling. Furthermore, you have the right to object at any time to the processing of personal data concerning you for marketing purposes. The Controller points out that you have the right not to be subject to any decision based solely on automated processing, including profiling, which has a legal

effects on you or significantly affects you, unless it is necessary for entering into or performance of a contract or is based on your explicit consent.

The controller discloses that in the event of a breach of the security of the DPA which results in a high risk to the rights and freedoms of the data subject, it will notify the data subject of the breach without undue delay.